]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: e240d81) | patch
net/netip: check if address is v6 mapped in Is methods
authorRoland Shoemaker <bracewell@google.com>
Tue, 28 May 2024 20:26:31 +0000 (13:26 -0700)
committerGopher Robot <gobot@golang.org>
Tue, 4 Jun 2024 17:10:01 +0000 (17:10 +0000)
commitad4d9b046482a3a3fef19388a0d692ff4ebbe730
treef6a98865dd953201f21b33634bae7b51734074eetree
parente240d8150cf7b40587acd306a5bfa2b813a94010commit | diff
net/netip: check if address is v6 mapped in Is methods

In all of the Is* methods, check if the address is a v6 mapped v4
address, and unmap it if so.

Thanks to Enze Wang of Alioth (@zer0yu) and Jianjun Chen of Zhongguancun
Lab (@chenjj) for reporting this issue.

Fixes #67680
Fixes CVE-2024-24790

Change-Id: I6bd03ca1a5d93a0b59027d861c84060967b265b0
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1460
Reviewed-by: Russ Cox <rsc@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/590316
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
src/net/netip/inlining_test.go diff | blob | history
src/net/netip/netip.go diff | blob | history
src/net/netip/netip_test.go diff | blob | history
Go GOST TLS 1.3